sasl issue with postfix

Discussion in 'Server Operation' started by martini, Feb 12, 2007.

  1. martini

    martini New Member

    Hi, (first post here)

    I'm having spam relaying issues on my server so i've tried my best to make it harder for them by using SASL and adding the following to /etc/

    maps_rbl_domains =

    smtpd_client_restrictions =

    This has sorted out the spam from being relayed from my box but now when i try and send email from Thunderbird I get the following message

    Feb 12 21:32:02 postfix/smtpd[29163] NOQUEUE: reject: RCPT from[XXX.XXX.XXX.XXX]: 554 Service unavailable; Client host [XX.XXX.XXX.XXX] blocked using;; from=<> to=<> proto=ESMTP helo=<[]>
    Feb 12 21:32:02 postfix/smtpd[29163] warning: RBL lookup error: Host or domain name not found. Name service error for type=A: Host not found, try again
    Feb 12 21:31:53 postfix/smtpd[29163] connect from[]

    Without the smtpd_client_restrictions, maps_rbl_domains settings it works fine so i know that i've got the sasl password working in thunderbird. I would like to be able to use both stop spam.

    Any help please?

    Kind regards

  2. till

    till Super Moderator

    What is the output of:

    postconf -n | grep mynetworks
  3. martini

    martini New Member

    hi till,

    I get the following from

    #./postconf -n | grep mynetworks
    mynetworks_style = host
    smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination

    does this help?


  4. falko

    falko Super Moderator

    There seems to be a DNS lookup problem. Have you checked if
    works on your system? Do you have valid nameservers in /etc/resolv.conf?
  5. martini

    martini New Member

    Hi Falko,

    Thanks for the help.

    11.222.333.444 = my ip address of my home pc that i'm trying to send mail from. The domain i'm sending it from is

    55.555.555.555 = my server ip address. has a main domain of I have multiple domains on this server.

    log snippett

    Feb 12 21:32:02 postfix/smtpd[29163] warning: RBL lookup error: Host or domain name not found. Name service error for type=A: Host not found, try again


    $ dig 11.222.333.444

    ; <<>> DiG 9.3.4 <<>> 11.222.333.444
    ;; global options: printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1890
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

    ;11.222.333.444. IN A

    . 86400 IN SOA A.ROOT-SERVERS.NET. NSTLD.VERISIGN-GRS.COM. 2007021400 1800 900 604800 86400

    ;; Query time: 15 msec
    ;; SERVER: 55.555.555.555 #53(55.555.555.555 )
    ;; WHEN: Wed Feb 14 20:45:13 2007
    ;; MSG SIZE rcvd: 107

    when I look in /etc/resolv.conf I only see the main domain name for my server, I do not see the domain name for the domain from which i am trying to send the mail from, Domain2. My server has multiple domains on it. Could this be the problem?

    $more /etc/resolv.conf
    nameserver 55.555.555.555

    Hope this makes sense. I'm only starting out and find this help really useful.


  6. falko

    falko Super Moderator

    Put this into /etc/resolv.conf and try again:
  7. martini

    martini New Member

    Hi Falko,

    Who's does those ip addresses belong to?

    What will this do?

    Many thanks in advance

  8. edge

    edge HowtoForge Supporter

    Both IP's are from 'open' name servers that are located in Germany.

    Lot's of people use them.
  9. martini

    martini New Member


    I've added the those ip addresses to my /etc/resolv.conf but still get the message from saying that my ip address is being blocked by them as it is on their pbl list.

    "An error occured while sending mail. The mail server responded:Service unavailable; Client host [my home ip address] block using;"my home ip address". Please verify that your email adddress is correct in you Mail prerences and try again"

    I went to spamhaus and "my home ip address" is on their list. I have turned on smtp authentication on thunderbird but it still doesn't let me send mail with spamhaus turned on. Annoyingly spamhaus only provides instructions for other email clients not thunderbird.

    any ideas?

    Many thanks

  10. falko

    falko Super Moderator

    You can ask spamhaus to remove your IP address, but I doubt they will do it if you have a dynamic IP address.
  11. martini

    martini New Member

    I checked on Spamhaus site and i'm in the pbl list.

    This pages tells me that I just need to make sure that my email client

    If you are simply using normal email software, such as Outlook, Entourage, Thunderbird, Apple Mail, and you are being blocked by a Spamhaus PBL listing when you try to send email, the reason is simply that you need to turn on "SMTP Authentication" in your email software settings (Tools : Accounts : Properties : Outgoing Mail Server : Check the "My server requires authentication" box). You do NOT need to remove your IP address from the PBL.

    But I had thought I had done that. My server only allows SASL and is turned on. But somehow Spamhaus doesn't accept my SASL.

    Any ideas? (thanks for your continued help on this)

  12. falko

    falko Super Moderator

    I don't think they will remove dynamic IP addresses.

Share This Page